If you are involved in security awareness sooner or later you will have to present. It can be anything from teaching fellow employees about security awareness, to briefing management on the impact of your awareness program. The problem is many of us in security are not good communicators. There is nothing more dissapointing than attending a security conference to hear your favorite security researcher present on their latest finding or newest tool, only to fall asleep five minutes into the talk because they are terrible communicators. Over the past fifteen years I've done alot of presenting and teaching, and in that time I've made a tremendous number of mistakes. My personal top ten take aways for successful presenting are listed below. If you have any suggestions or lessons learned, feel free to share in comments or email me at lspitzner@sans.org.

#1 Introduce Yourself
Whenever you start a presentation, first introduce yourself. Far too often folks jump right into their presentation with no introduction or background. Who are you, where do you come from, why should I listent to you? Introducing yourself makes you human, it can help establish a bond with the audience. They want to know you, they actually want to see you succeed. The second is your experience can help establish your credibility. It helps answer the question why people should listen to you. Finally, if this is part of an internal awareness program it helps promote your security team. "Hi, my name is Lance Spitzner, I'm the security awareness officer for our security team". Many employees may not realize there is a security awareness officer, some may not even know your organization has a security team. By introducing yourself you help make them aware of these resources, and put a human face to it. When I used to first present I made this mistake all the time. You know you messed up when after your talk people have to ask who you are, what you do or what organization you come from.

About the Author

Lance Spitzner

Director, SANS Security Awareness

Lance has over 20 years of security experience in cyber threat research, awareness and training. He invented the concept of honeynets, founded the Honeynet Project and helped pioneer the field of cyber intelligence. Lance has published three security books, consulted in over 25 countries and helped hundreds of organizations establish mature security awareness programs. Lance serves on the Board for the NCSA, is a frequent presenter, serial tweeter ( @lspitzner ) and works on numerous community security projects. He served as an armor officer in the Army's Rapid Deployment Force and earned his MBA from the University of Illinois.